We cannot trust our ISPs. If they aren't already logging everything we send and receive, every DNS lookup we make, they may start doing so at any time - either voluntarily or by coercion.

We are under surveillance by our own and foreign governments

We are the easy prey of business and hackers

All computers should carry a Government Health Warning, like they have on cigarette packs. Every home should receive leaflets warning of the threats. Like car seat belts, firewalls should be made compulsory.

Most, if not all of us, here spend an inordinate amount of time maintaining our computers' protection. We're in the minority - in fact, we're rare birds indeed, as millions of users live in blissful ignorance and are fodder for the exploiters and watchers.

What really astonishes me is why we're not screaming "Rape!" Rather, we're just muttering darkly amongst ourselves, in our small Security gatherings here and in places like Becky's and GRC. Are we really so powerless? Must we always be vulnerable?

Let us encrypt
Let us be proxied
Let us be free

Let this be a call to arms, for users and developers, to come together and use our ingenuity to take back what is ours by right.

Right on, Checkout! The message I want people to get out is that the Internet itself was built with TAXPAYER DOLLARS! It belongs to the PEOPLE.

John

Interesting point...

I do not like the current turn of events, where ISPs and other "forces" are tracking us more and more - though I do agree at least some form of surveillance to help in criminal investigations, etc.

I DO think it is quite possible to enforce some law that would make it mandatory that we would know WHAT data is being tracked, WHY, and WHAT safeguards are in place to protect it - also, HOW we know it's not being misused for other purposes.

Logging, tracking, etc. will never go away. People who do not care about security will never go away. But WE can work together, even as a small community, to help limit the problems that these things can cause, and (in the case of logging and tracking) limit their use.

I do not like the current turn of events, where ISPs and other "forces" are tracking us more and more - though I do agree at least some form of surveillance to help in criminal investigations, etc.

One is anathema to the other: we cannot install s/w that will only infringe on the civil liberties of "the bad guys" and bypass the vast majority of the innocent rest of us. Would you, in all conscience, endorse signs on buses that read, "No ex-cons allowed on board"? In too many ways, a single conviction is a life sentence. I hope you're all more reasonable than that. I am not prepared to relinquish my rights on the presumption of guilt over innocence.

Let me say this: there is a way for us all (regrettably, including terrorists and criminals) to retain our privacy and security. (There's always a price to be paid, and I can't change that.)

I've already approached four developers (individuals and companies) and received either zilch or refusals. Too busy, they say.

If, and only if, there's a sufficient response to this thread by both concerned users and those technically-gifted to develop my ideas, I'll present them.

Make yourselves heard, please. Come forward and stand up to be counted, and let's get some open-source code out into the real world!

Let me make this clear: this is a way for us all to retain our privacy and security. And, no, I am not a nut.

Checkout - Well, man, what are you waiting for - start laying out the plan and the method involved!

( I think you know me well enough to know my actual stance on individual personal liberty and our right to freedom in our homes and on our computers - if not, I'll be happy to provide you with links to all the threads I started or took part in when the proposal for the USA Patriot Act first came out ).

It's hard not to get discouraged about these issues when we take stock of all the forces arrayed against us sometimes, I just thank goodness that the discouragement is never more than temporary (it usually only lasts in my case until the latest development in keeping or re-gaining some measure of privacy comes along).

As you probably know, I'm a long-time user of both IDsecure and JAP, PortCastServer and QuickSilver and have many programs on my own computer that ensure that anything I view/type on here is very short-lived.

Anything that you can come up with to help improve anything I have, be it a method or a program, will certainly be examined with much interest by myself and others.

Stuff like that is what we live for here - else why would we be involved in the Security/Privacy fields to begin with? Pete

Well I want my privacy and I work for it but I'm kinda a dummy when it comes to programming.. I've written a couple html documents hehe that's about the limit of my proficiency... I also just don't have the money right now to get the best protection programs available.. I'll hafta get my old self outta college first :-/

Checkout - Well, man, what are you waiting for - start laying out the plan and the method involved!

Pete, that's what I wanted to hear.

Let's analyze the problem: WHO WHAT WHERE

WHO - this is you, me, us, everyone who wishes to remain a WHO and not a logged name and address

WHAT - is the content you're sending and receiving, and of great interest to people for whom it's none of their damned business

WHERE - is the site or person I'm talking to. Say, for example, I admire Greenpeace and would like to be a supporter, but I don't want to be listed on Special Branch's computer (like all the UK Greenpeace members are, as are the people they associate with).
I demand the right to freely associate with whomever I please and not have someone know that I may have political or religious affiliations.

Proposition:

If we can completely disassociate WHO, WHAT and WHERE then we have our privacy and security back in our hands.

By this, I mean that:

any party who can see the content must NOT know that it came from me. I must be anonymised (except if I choose to give it away, by logging in)

any party which knows who I am must NOT be able to read the content or know who I am talking to. My content must be strongly encrypted

It can be done. I call this Project Vegetarian, for obvious reasons. It will have three components:

Cerberus is the software on my home computer
When I dial my ISP and route to Juno, Cerberus will login to Juno using SSL. Juno will demand a set of public keys from me. Cerberus will create a one-session-only passphrase and deliver the public keys to Juno.

Juno is my primary proxy
On receipt of my public keys, Juno will pass them to Mercury. Mercury will generate a pair of keys and return the public set to Juno, who in turn, will forward them to Cerberus. Juno will pass encrypted traffic between Cerberus and Mercury

Mercury is my secondary proxy
Mercury will then contact the site I intend to visit. Mercury will not know who I am because Juno has anonymised me - and Mercury will even anonymise Juno!

I need to clarify Cerberus's role here. He's a smart puppy - he only talks to Juno, and nobody else. When one of my applications wants to go to 111.122.133.144 on port 90, he puts a wrapper around all the data going there, and sends it to Juno. Juno passes it to Mercury, who reads the wrapper and sends the data to 111.122.133.144 port 90 from its own IP. Data coming back is handled the same way but in reverse.

Cerberus, on receipt, gives the data to the application as if it had come from my home computer's port 90. My firewall hasn't got a clue that anything's being rerouted! Cerberus stealths every other port on my computer except the one that talks to Juno. How's that for increased security?

Just to hammer this home (sorry) everything goes out or comes in via Juno's IP and port - FTP, HTTP, IRC, TELNET, everything. Cerberus will totally block all incoming data on all other ports on my home computer. If my application is listening on my home computer's port 57, it's really listening on Mercury's port 57!

My ISP is completely blinded. No-one can demand my encryption keys because Cerberus generates them dynamically and discards them after use, never disclosing them to me.

Those are the basics. The idea is extendable, with things like store-and-forward e-mail, and endpoint sites themselves adopting the role of secondary server, for point-to-point encryption. And, of course, a primary proxy server can also host a secondary proxy, but cannot connect the two.

With a little sophistication, we can try to ensure that neither proxy lies within the same social/economic/political region (so that if some agency decides to set honeytraps - fake Vegetarian proxies - it won't do any harm, since Cerberus will be setup to contact a primary proxy outside its own region - say, out of range of Carnivore.)

What do you think, Pete?

There's an ideal rallying call, of course: I will not be pushed, filed, stamped, indexed, briefed, debriefed or numbered! I am not a number, I am a free man! My life is my own!
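The WHO/WHAT/WHERE split proposed in the post above can be sketched as follows. This is an added example, not code from the thread or from any project named in it: the shared session key stands in for the Cerberus/Mercury public-key exchange, the SHA-256 keystream with HMAC is a toy stand-in for a real authenticated cipher, and the client and Juno addresses are constructed.

```python
import hashlib, hmac, json, os

def _subkeys(key):
    # Separate keys for encryption and authentication.
    return hashlib.sha256(key + b"enc").digest(), hashlib.sha256(key + b"mac").digest()

def _keystream(key, nonce, n):
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + nonce + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]

def seal(key, plaintext):
    """Toy encrypt-then-MAC (stand-in for a real AEAD): nonce | ciphertext | tag."""
    ek, mk = _subkeys(key)
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(ek, nonce, len(plaintext))))
    return nonce + ct + hmac.new(mk, nonce + ct, hashlib.sha256).digest()

def open_(key, blob):
    ek, mk = _subkeys(key)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mk, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrapper tampered with, or wrong session key")
    return bytes(a ^ b for a, b in zip(ct, _keystream(ek, nonce, len(ct))))

def cerberus_send(session_key, dest_ip, dest_port, data):
    """Client: destination and data both go inside the encrypted wrapper."""
    wrapper = json.dumps({"ip": dest_ip, "port": dest_port, "data": data.hex()})
    return seal(session_key, wrapper.encode())

def juno_relay(client_ip, blob):
    """Primary proxy: knows WHO, forwards opaque bytes. Returns what it could log."""
    return blob, {"peer": client_ip, "bytes": len(blob)}

def mercury_exit(session_key, juno_ip, blob):
    """Secondary proxy: knows WHAT and WHERE, but its only peer is Juno."""
    w = json.loads(open_(session_key, blob))
    return {"peer": juno_ip, "dest": (w["ip"], w["port"]),
            "data": bytes.fromhex(w["data"])}

def demo():
    key = os.urandom(32)  # assumption: result of the one-session key exchange
    blob = cerberus_send(key, "111.122.133.144", 90, b"GET / HTTP/1.0\r\n\r\n")
    blob, juno_view = juno_relay("203.0.113.7", blob)         # constructed client IP
    mercury_view = mercury_exit(key, "198.51.100.20", blob)   # constructed Juno IP
    return blob, juno_view, mercury_view

if __name__ == "__main__":
    _, jv, mv = demo()
    print("Juno can log:   ", jv)
    print("Mercury can log:", mv)
```

Juno's view still includes the size and timing of every wrapper, which is the traffic-analysis signal raised later in the thread. Mercury's view includes the destination and the plaintext unless the endpoint itself terminates the encryption.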

If so, are they something that you use constantly (or would they be), or are they something you'd use just when you wanted anonymity? (The reason I ask is because I'm doing almost - I think - the same thing when I go through both JAP and IDsecure [which encrypts all transmissions] - but it's slow! Is your proposed/in place system slow?)

Right now it's just a concept, but I hope people like yourself can help make it a reality. I would hope there'll be a performance advantage when the secondary, Mercury, is either close to the target IP or actually is the target IP. Furthermore, there's no need for a fixed relationship between a Juno and a Mercury - any Mercury will do, especially ones that perform well.

As for whether it's running all the time, and seeing as this is only an idea so far, what do you think it should do?

Note also that IDsecure (which I also use) only encrypts with SSL, plus some URL/history disguising. Are you sure you can always rely upon IDsecure and JAP far into the future? Do you think your content is unreadable by the first proxy, who knows who you are? Is your first proxy in a region where a Court Order could be used to force them to record your data streams? This idea has absolutely no reliance on trust. I would wish it to be OpenSource, 'cos that's the kind of newbie I am.

And finally...this idea protects all forms of traffic - email, FTP, etcetera - from ISP snooping. In countries where freedom of speech is not allowed (to put it mildly) this may be a lifeline. The trouble with self-encryption is that some authorities can demand your keys, under threat of imprisonment. (Like, here in the totally democratic and not at all, oh no, repressive UK, where the RIP Act makes you guilty until you can prove yourself innocent, and not handing over the encryption keys automatically makes you guilty.)

Ideally, I think, it should run through the proposed system all the time. But that's where how slow it is or isn't comes into play - unless it's absolutely vital (for personal safety reasons), people aren't going to be able to tolerate long transmission/receive times (especially if they're on dial-up) - that's the main reason I don't use my stuff very much.

If it is a personal safety situation, then time shouldn't really be an issue.

As far as being able to rely on JAP and IDsecure far into the future - well, no, I really don't know about that, but for the time-being, it works for me. I'm sure, (given the interest in development of new things/ways to accomplish the same thing) that new ways will be developed.

I'd say that, in countries where you are not required to provide your decryption keys, simply using PGP for all your private communications would suffice - there are already innumerable programs out there that'll mask your true IP (and the other fields that your browser requests present to the world), blitz any effect cookies might have and defeat spy/adware to where you are, currently, able to travel the net with relative anonymity, should you so wish.

The can of worms that hasn't been opened here yet is this: Encrypted communications in and of themselves have the capacity to draw un-wanted attention to a user - it's easy enough to spot (for later, more thorough perusal) simply by the length of the transmissions.

Ditto for anyone monitoring ISP traffic - if they can't easily see what's happening should they look (or set up spiders/bots to search for such conditions), the mere fact of being online with no traffic being visually able to be recorded by your ISP will probably set off klaxons for those wanting to know why.

So, you might want to consider, too, a more 'blend-in-with-the-crowd' approach. Although all the intelligence agencies are becoming better able to handle sheer volume of internet traffic in order to make something intelligible of it, they're still a long way off from being able to make sense (or get interested in) everything they now already monitor.

Just a few more thoughts on the whole issue in general - when it comes to programming or implementing anything, I'm definitely not in the running (although I'll be happy to tryout/beta test anything that comes along). Pete

The can of worms that hasn't been opened here yet is this: Encrypted communications in and of themselves have the capacity to draw un-wanted attention to a user - it's easy enough to spot (for later, more thorough perusal) simply by the length of the transmissions.

Ditto for anyone monitoring ISP traffic - if they can't easily see what's happening should they look (or set up spiders/bots to search for such conditions), the mere fact of being online with no traffic being visually able to be recorded by your ISP will probably set off klaxons for those wanting to know why.

This isn't insurmountable. Basically, there's safety in numbers - when millions of people are routinely using encryption, no agency will have the resources to check individuals out.

My vision is that there'll be thousands and thousands of Junos and Mercurys around the world. The owners of the Project's Intellectual Property would license the proxies to web hosts who, in turn, would sign up clients (non-business end users) for a nominal annual fee. Say, $10 per year, which would generate a reasonable income for them. A small percentage accrues to the owners of the Intellectual Property, for further development and maintenance.

Feedback please?

Introducing QuickSilver

QuickSilver will be another Licensable Program, and a kind of "Mercury Lite". It is intended for WebMasters who wish to respect their visitors' privacy. When an end-user (Cerberus Licensee) wants to access a content provider, Mercury (through its own protocol) will determine if the target website is a QuickSilver user. If so, the Website's dynamically-generated public keys will be exchanged with the end-user's public keys, and from then on, all traffic will be encrypted point-to-point.

Mercury will never "see" the content or know who the Cerberus Licensee is. Juno will never know who the QuickSilver Licensee is, or what the content is.

Frankly, I can't see a more secure and private system yet proposed. I add that QuickSilver Licensees will be required to state if they are purveyors of (for instance) "Adult" material, under threat of instant revocation, and thus enabling an effective form of Parental Control.

I submit that Mercury can also filter Spyware and Adware, and IRC bots, and the like.

I would ask anyone with sufficient interest to contact me via my profile, and help to turn this into a reality. For all our sakes.

Is there any difference between trusting their method as opposed to yours?

What I mean is, doesn't your proposed system depend entirely on the integrity of every single link in the chain, too?

And who/how will guarantee the integrity of all those links? What's to keep the whole thing from being penetrated from the outset by people (read 'CIA', 'NSA', 'FBI') claiming to be staunch supporters/developers? Pete

Is there any difference between trusting their method as opposed to yours?

Yup.

What I mean is, doesn't your proposed system depend entirely on the integrity of every single link in the chain, too?

Yup.

And who/how will guarantee the integrity of all those links? What's to keep the whole thing from being penetrated from the outset by people (read 'CIA', 'NSA', 'FBI') claiming to be staunch supporters/developers? Pete

Yup.

Contributions/suggestions welcomed.

Seriously, these are issues waiting to be discussed, and discussed they need to be. Can you offer any good ideas?

What privacy, where? Since I was hacked badly I got this spark of "privacy", about three years ago. Before that I had no firewall, no antivirus, no knowledge at all. Now if I thought I knew something about net privacy I was WRONG. The more I read and study, the less I know. At least it feels that way. What about other people, just ordinary people who go and buy a computer, or get one as a gift? Let's say I am "on a level snail", I think 99% of people are on a level bacterium. And that includes all those people who USE their computers as their tools in their work! It is remarkable how blindly we people trust in technology. All ports wide open, cacheable passwords available right after autologin... I used to work as a security guard in 4 different companies and 5 years as an MP. I saw this and that in my work, but there were no computers in those days I am telling about, no, just doors (opened) and locks (unlocked) and ID cards (easy to make fakes). We have a saying around here: "an opportunity makes a thief". How about now on the net: no guards, no cops, nobody watching, and what is WORST, nobody seems to be worried either. I read there are already netcops working somewhere though, but they are children who are good at hacking, CHILDREN! Computers should all be childproof!!! Where is this humankind going to...
Krusty a.k.a. Ari
<---- P.S. OK, my picture seems to be a red X on white, that'll do fine for me

I have to correct myself before someone else does it: Computers shouldn't be childproofed but the internet should though. I started computing having courses about office tools and I see them very useful for everyone. (got now three driving licenses for pc)
-Ari

Is there any difference between trusting their method as opposed to yours?

It wouldn't be just mine. It'll take a group to develop this. Furthermore, the code would be OpenSource so the world can see there's nothing up our sleeves.

What I mean is, doesn't your proposed system depend entirely on the integrity of every single link in the chain, too?

Yes, and that's unavoidable. Consequently controls have to be built into the system to validate the links and ensure they're tamper-proof. These are the things which I hope will come out of discussions here and anywhere else. It has to be achievable or else we can't trust anything. And if it's not achievable, the project dies.

And who/how will guarantee the integrity of all those links? What's to keep the whole thing from being penetrated from the outset by people (read 'CIA', 'NSA', 'FBI') claiming to be staunch supporters/developers? Pete

We will publish the code (but retain copyright) under license.

I don't see it as much different from saying, "Can we trust all the DNS servers out there?" There has to be a way!

I have to correct myself before someone else does it: Computers shouldn't be childproofed but the internet should though. I started computing having courses about office tools and I see them very useful for everyone. (got now three driving licenses for pc)
-Ari

You're right - protection should be built in from the outset. However, it isn't, so we need to make security and privacy as easy to install and as transparent as, say, Zone Alarm. I'm hoping the project described in this thread will be just that.